[systemd-devel] Compatibility between D-Bus and kdbus
Lennart Poettering
mzqohf at 0pointer.de
Wed Oct 1 23:50:02 PDT 2014
On Wed, 01.10.14 22:32, Simon McVittie (simon.mcvittie at collabora.co.uk) wrote:
> On 01/10/14 21:40, Lennart Poettering wrote:
> > If packages want compatibility with both kdbus/systemd and classic
> > dbus1, then I'd suggest to simply continue shipping the old XML policy
> > file fragments, plus the new systemd .busname unit. [...] No
> > need to add anything new that would be a stop-gap and little else.
>
> I know you don't care about portability beyond Linux for kdbus and
> systemd, and you intend to consider non-kdbus systems to be legacy.
> That's fine, that's your prerogative as maintainer of systemd.
>
> However, dbus (as in, the reference implementation of D-Bus) is
> portable, and I don't really want its use on non-Linux to have to carry
> around the XML policy language as non-deprecated forever. So I'm tempted
> to add kdbus' rather more realistic model to dbus-daemon anyway, just so
> we can move the status of the XML policy language to "seriously, don't".
I'd be very careful with this. It's not just about simplifying the
policy language really. If you simplify it as drastically as we did
for kdbus/systemd, you also need to make it easy and efficient to
implement more complex policy logic client-side. In kdbus this is done
by implicitly appending uid/gid/caps/selinux/... data to incoming
messages, so that no roundtrip is necessary to authorize client
calls. This would have to be added to dbus1 too I guess before such a
simplified policy language could be offered. That's not impossible to
do (it would just mean that the SCM_CREDS/SCM_SECLABEL bits
dbus-daemon receieves for incoming messages is converted into dbus
message header fields), but certainly requires some work.
Lennart
--
Lennart Poettering, Red Hat
More information about the dbus
mailing list